Small precision in README for those not interested by Bitnami Sealed Secret
This commit is contained in:
parent
dbe4ba7841
commit
bd9335a94c
|
@ -35,7 +35,7 @@ Here we are, we have a peertube K8S configuration ! ;) (not yet in fact, you hav
|
||||||
|
|
||||||
### Environment variables
|
### Environment variables
|
||||||
|
|
||||||
To change most of the parameters of Peertube deployment, you can store environment variables in a "secret" inside your Kubernetes namespace. This can be done like in [Peertube on Kubernetes](https://forge.extranet.logilab.fr/open-source/peertube-on-kubernetes/) using Kustomize secretGenerator. (copy their kustomization.yaml example file, append to the one we just created, and adapt environment variables to your desired values).
|
To change most of the parameters of Peertube deployment, you can store environment variables in a "secret" inside your Kubernetes namespace. This can be done like in [Peertube on Kubernetes](https://forge.extranet.logilab.fr/open-source/peertube-on-kubernetes/) using Kustomize secretGenerator. (copy their kustomization.yaml example file, append to the one we just created, and adapt environment variables to your desired values : if you do that, you can skip the next paragraphs and go directly to the Ingress section).
|
||||||
|
|
||||||
This is good for simple deployment purpose, where you do this once, or if you can store your files in a trusted location you're the only one to use. But if you want to, let's say, store your configuration in a Git repository accessible by others (for example, in your team at work, or with other teams in bigger organizations), that's bad (very very bad) in terms of security (everyone will know your database credentials, object storage access and secret keys, etc...). Instead, we use Bitnami Sealed Secrets and store the sealed secret file in the repository. This is not a lesson about Bitnami Sealed Secrets, so if you want to use it, we [let you go on their Git and documentation for installation instructions](https://github.com/bitnami-labs/sealed-secrets)).
|
This is good for simple deployment purpose, where you do this once, or if you can store your files in a trusted location you're the only one to use. But if you want to, let's say, store your configuration in a Git repository accessible by others (for example, in your team at work, or with other teams in bigger organizations), that's bad (very very bad) in terms of security (everyone will know your database credentials, object storage access and secret keys, etc...). Instead, we use Bitnami Sealed Secrets and store the sealed secret file in the repository. This is not a lesson about Bitnami Sealed Secrets, so if you want to use it, we [let you go on their Git and documentation for installation instructions](https://github.com/bitnami-labs/sealed-secrets)).
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue